FREE GDPR Helpline
Call +44 (0) 208 133 2545
The GDPR can penalise companies up to €20 million or 4% of global annual turnover for certain infringements and data breaches. Regulatory bodies will investigate infringements to ascertain the level of data protection at a company before deciding on the penalty amount.
Is it fair that companies that are the victims of expert hacking could be penalised millions of Euros, when the hackers are the real criminals? Shouldn’t there be a greater effort to identify and penalise hackers, thus providing a warning for other potential hackers?
Admittedly, the new Regulation will encourage (or force) companies to have better cybersecurity in place, making it harder to be hacked. But it is unlikely that the GDPR is an incentive for hackers to stop hacking. Companies may be able to prevent careless internal data breaches, but it is unlikely they can guarantee to be risk-free when it comes to be being hacked by external parties.